Terms of Service

1. Introduction

Welcome to Stage0. These Terms of Service ("Terms") govern your access to and use of the Stage0 platform and services provided by Stage Zero Operations Pty Ltd (ABN: [To be provided]) ("Stage0", "we", "us", or "our").

By accessing or using our Services, you agree to be bound by these Terms and our Privacy Policy. If you do not agree to these Terms, you must not access or use our Services.

2. Definitions

In these Terms:

• "Services" means the Stage0 AI-powered IRAP assessment platform, including all features, applications, content, and services provided by Stage0.
• "User", "you", or "your" means the individual or entity accessing or using the Services.
• "Account" means the account created to access the Services.
• "Organisation" means the business, company, or entity on whose behalf you are using the Services.
• "Content" means all text, documents, data, files, graphics, and other materials uploaded to or generated by the Services.
• "User Content" means Content that you upload, submit, or transmit through the Services.
• "ISM" means the Australian Government Information Security Manual.
• "IRAP" means the Infosec Registered Assessors Program.

3. Acceptance of Terms

By creating an Account, accessing the Services, or clicking "I agree" or similar buttons, you:

• Confirm that you have read and understood these Terms
• Agree to be bound by these Terms and our Privacy Policy
• Represent that you are at least 18 years of age
• Represent that you have the authority to bind your Organisation to these Terms (if applicable)
• Confirm that your use of the Services complies with all applicable laws and regulations

If you are using the Services on behalf of an Organisation, you represent and warrant that you have the authority to bind that Organisation to these Terms, and references to "you" in these Terms include both you and the Organisation.

4. Description of Services

Stage0 provides an AI-powered platform for conducting Information Security Registered Assessors Program (IRAP) assessments against the Australian Government Information Security Manual (ISM). Our Services include:

• AI-powered document analysis and processing using Claude AI
• Automated ISM control assessment capabilities
• Knowledge graph generation for system architecture visualization
• Multi-tenant architecture with data isolation
• Collaborative assessment workflow tools
• Reporting and documentation features

We reserve the right to modify, suspend, or discontinue any aspect of the Services at any time, with or without notice. We are not liable to you or any third party for any modification, suspension, or discontinuance of the Services.

5. User Accounts and Registration

5.1 Account Creation

To access the Services, you must create an Account by providing accurate, current, and complete information. You agree to update your Account information promptly to maintain its accuracy.

5.2 Account Security

You are responsible for:

• Maintaining the confidentiality of your Account credentials
• All activities that occur under your Account
• Notifying us immediately of any unauthorized use or security breach
• Ensuring your password is strong and not shared with others
• Enabling multi-factor authentication when available

5.3 Account Eligibility

The Services are intended for IRAP assessors, security professionals, and organisations undergoing IRAP assessments. You must be at least 18 years of age to create an Account.

5.4 One Account Per User

Each user may maintain only one Account. You may not create multiple Accounts for yourself or allow others to use your Account credentials.

6. Permitted Uses

Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Services for the following purposes:

• Conducting IRAP assessments against the ISM
• Uploading and analyzing security documentation for assessment purposes
• Generating system architecture knowledge graphs and diagrams
• Collaborating with clients, colleagues, and stakeholders on security assessments
• Creating, managing, and exporting assessment reports
• Managing ISM control assessments and compliance tracking
• Utilizing AI-powered analysis to support professional security assessments
• Accessing training materials and documentation provided within the Services

7. Prohibited Uses

You agree not to use the Services for any purpose that is illegal or prohibited by these Terms. Prohibited uses include, but are not limited to:

7.1 Illegal Activities

• Violating any applicable local, state, national, or international law or regulation
• Uploading or transmitting Content that infringes intellectual property rights
• Engaging in money laundering, fraud, or other criminal activities
• Uploading malicious code, viruses, malware, or other harmful software

7.2 Unauthorized Access and Security Violations

• Attempting to gain unauthorized access to other users' Accounts or data
• Circumventing or disabling security features of the Services
• Accessing data or systems not intended for your access level
• Testing the Services for vulnerabilities without prior written authorization
• Using automated tools to scrape, harvest, or collect data from the Services
• Attempting to reverse engineer, decompile, or disassemble the Services

7.3 Abuse and Misuse

• Overloading or attempting to disrupt the Services (e.g., denial-of-service attacks)
• Using the Services to send spam, unsolicited communications, or phishing attempts
• Impersonating another person or entity
• Creating fake or misleading Accounts or Organizations
• Sharing Account credentials or selling access to your Account

7.4 Inappropriate Content

• Uploading Content that is defamatory, obscene, pornographic, or offensive
• Uploading Content that promotes violence, terrorism, or illegal activities
• Uploading Content containing personal information without proper authorization
• Uploading Content that violates privacy rights or confidentiality obligations

7.5 Commercial Misuse

• Reselling, sublicensing, or redistributing the Services without authorization
• Using the Services to develop competing products or services
• Using the Services in a manner that exceeds your subscription tier or usage limits
• Bypassing usage restrictions or payment requirements

7.6 Professional Misconduct

• Misrepresenting AI-generated assessments as solely human-conducted without review
• Providing assessments outside your scope of accreditation or expertise
• Using the Services in violation of IRAP program requirements
• Submitting false or misleading assessment data or reports

8. User Responsibilities

8.1 Content Responsibility

You are solely responsible for all User Content you upload, submit, or transmit through the Services. You represent and warrant that you have all necessary rights, licenses, and permissions to upload User Content and grant us the rights described in these Terms.

8.2 Data Protection and Privacy

You are responsible for:

• Ensuring you have appropriate authority and consent to upload personal information
• Complying with the Privacy Act 1988 (Cth) and other applicable data protection laws
• Obtaining necessary consents from individuals whose data you process through the Services
• Implementing appropriate security measures for sensitive information
• Notifying us immediately if you upload classified or highly sensitive information by mistake

8.3 Professional Standards

If you are an IRAP assessor or security professional, you must:

• Maintain appropriate professional qualifications and accreditations
• Review and validate all AI-generated assessments before relying on them
• Exercise professional judgment and not blindly accept AI recommendations
• Comply with IRAP program requirements and professional codes of conduct
• Maintain independence and objectivity in your assessments

8.4 Accuracy of Information

You must provide accurate, current, and complete information when using the Services. You must promptly update any information that becomes inaccurate or outdated.

8.5 Compliance with Laws

You are responsible for ensuring your use of the Services complies with all applicable laws, regulations, and contractual obligations, including export controls, sanctions, and data localization requirements.

9. Intellectual Property

9.1 Stage0 Property

The Services, including all software, technology, designs, graphics, user interfaces, trademarks, logos, and other content (excluding User Content), are owned by Stage0 or our licensors and are protected by Australian and international intellectual property laws. You do not acquire any ownership rights by using the Services.

9.2 User Content Ownership

You retain all ownership rights to your User Content. However, by uploading User Content to the Services, you grant Stage0 a worldwide, non-exclusive, royalty-free license to use, reproduce, process, modify, and display your User Content solely for the purpose of providing the Services to you.

9.3 AI-Generated Content

Content generated by our AI features based on your User Content (such as assessment recommendations, knowledge graphs, and reports) is provided to you for your use. You may use this AI-generated content in accordance with these Terms, but you acknowledge that it is generated using our proprietary technology and processes.

9.4 Feedback

If you provide feedback, suggestions, or ideas about the Services, you grant Stage0 a perpetual, irrevocable, worldwide, royalty-free license to use, modify, and incorporate such feedback into our Services without compensation or attribution.

10. Third-Party Services and Content

10.1 Third-Party Services

The Services may integrate with or include third-party services, including Anthropic's Claude AI, cloud hosting providers, and payment processors. Your use of these third-party services is subject to their respective terms of service and privacy policies. We are not responsible for third-party services or their actions.

10.2 Third-Party Links

The Services may contain links to third-party websites or resources. We do not endorse and are not responsible for the content, accuracy, or practices of third-party websites. You access third-party websites at your own risk.

10.3 ISM Content

The Information Security Manual is published by the Australian Signals Directorate and is used within our Services under applicable Commonwealth licenses. We do not claim ownership of the ISM content and update our Services to reflect ISM updates periodically.

11. Data and Privacy

We collect, use, and protect your personal information as described in our Privacy Policy, which is incorporated into these Terms by reference.

Key points regarding data and privacy:

• Your data is stored in Australian-based infrastructure
• We implement enterprise-grade security measures including encryption and multi-tenant data isolation
• Your User Content may be processed by third-party AI services (Anthropic Claude)
• We do not sell or rent your personal information to third parties
• You have rights to access, correct, and delete your data as described in our Privacy Policy

By using the Services, you consent to the collection, use, and disclosure of your information as described in our Privacy Policy.

12. Fees and Payment

12.1 Subscription Fees

Access to the Services requires payment of subscription fees as specified in your selected plan. All fees are in Australian Dollars (AUD) and exclude GST unless otherwise stated. GST will be added to all fees where applicable.

12.2 Payment Terms

You agree to:

• Provide current, complete, and accurate billing information
• Pay all fees when due
• Update your payment information promptly if it changes
• Authorize us to charge your payment method for all applicable fees

12.3 Billing Cycle

Subscription fees are billed in advance on a monthly or annual basis (depending on your selected plan) and are non-refundable except as required by law or as expressly stated in these Terms.

12.4 Late Payment and Suspension

If payment is not received when due, we may suspend or terminate your access to the Services. You remain responsible for all outstanding fees plus any collection costs or late fees.

12.5 Price Changes

We may change our fees at any time by providing at least 30 days' notice. Continued use of the Services after the price change takes effect constitutes acceptance of the new fees.

12.6 Refunds

Except as required by Australian Consumer Law or as otherwise stated in these Terms, all fees are non-refundable. If you cancel your subscription, you may continue to access the Services until the end of your current billing period.

13. Indemnification

You agree to indemnify, defend, and hold harmless Stage0, its directors, officers, employees, agents, affiliates, and licensors from and against any and all claims, liabilities, damages, losses, costs, expenses, and fees (including reasonable legal fees) arising from or relating to:

• Your use or misuse of the Services
• Your violation of these Terms
• Your violation of any applicable laws or regulations
• Your User Content, including any claims that it infringes or violates any third-party rights
• Your breach of any representations or warranties made in these Terms
• Any assessments, reports, or recommendations you provide based on the Services
• Unauthorized access to your Account resulting from your failure to secure your credentials
• Your violation of any third-party rights, including intellectual property, privacy, or confidentiality rights

We reserve the right to assume the exclusive defense and control of any matter subject to indemnification by you, in which case you agree to cooperate with our defense of such claim.

This indemnification obligation will survive termination of these Terms and your use of the Services.

14. Limitation of Liability

14.1 Exclusion of Consequential Damages

To the maximum extent permitted by law, Stage0 and its affiliates, officers, directors, employees, and agents will not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, use, goodwill, or other intangible losses, arising from or relating to your use of or inability to use the Services.

14.2 Liability Cap

To the maximum extent permitted by law, our total liability to you for all claims arising from or relating to the Services will not exceed the amount you paid to Stage0 in the 12 months preceding the event giving rise to the liability, or AUD $1,000, whichever is greater.

14.3 Exceptions

The limitations in this section do not limit our liability for:

• Death or personal injury caused by our negligence
• Fraud or fraudulent misrepresentation
• Any liability that cannot be excluded or limited under Australian law

14.4 Australian Consumer Law

Nothing in these Terms excludes, restricts, or modifies any consumer guarantee, right, or remedy conferred by the Australian Consumer Law or any other applicable law that cannot be lawfully excluded, restricted, or modified.

15. Warranties and Disclaimers

15.1 Services Provided "As Is"

Except as expressly stated in these Terms, the Services are provided "as is" and "as available" without warranties of any kind, either express or implied. To the maximum extent permitted by law, we disclaim all warranties, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

15.2 AI Technology Limitations

You acknowledge and agree that:

• AI-generated assessments and recommendations are tools to assist professionals, not replacements for professional judgment
• AI technology may produce errors, inaccuracies, or incomplete results
• You must review and validate all AI-generated content before relying on it
• We do not guarantee that AI assessments will be accurate, complete, or suitable for your purposes
• The ISM controls and requirements may change, and there may be delays in updating our Services

15.3 No Professional Advice

The Services provide tools and information but do not constitute professional advice. You should not rely on the Services as a substitute for professional security assessment, legal advice, or compliance guidance. We are not responsible for decisions you make based on information or recommendations from the Services.

15.4 No Guarantee of Results

We do not guarantee that use of the Services will result in successful IRAP assessments, compliance certifications, or any particular outcome.

15.5 Service Availability

We do not guarantee that the Services will be uninterrupted, timely, secure, or error-free. We may experience downtime for maintenance, updates, or due to factors beyond our control.

16. Term and Termination

16.1 Term

These Terms commence when you first access the Services and continue until terminated in accordance with this section.

16.2 Termination by You

You may terminate your Account at any time by contacting us or using the account closure feature in the Services. If you terminate during a subscription period, you will not receive a refund for any unused portion of the subscription.

16.3 Termination by Stage0

We may suspend or terminate your Account and access to the Services immediately, without notice, if:

• You breach these Terms
• You fail to pay fees when due
• Your use of the Services poses a security or legal risk
• We are required to do so by law or regulatory authority
• We decide to discontinue the Services

16.4 Effect of Termination

Upon termination:

• Your right to access and use the Services immediately ceases
• We may delete your Account and User Content after a reasonable grace period
• You remain responsible for all fees and charges incurred before termination
• Sections of these Terms that by their nature should survive termination will continue to apply

16.5 Data Export

Before terminating your Account, you should export any User Content you wish to retain. After termination, we are not obligated to retain or provide access to your User Content.

17. Modifications to Terms

We may modify these Terms at any time. If we make material changes, we will notify you by:

• Posting the updated Terms with a new "Last updated" date
• Sending an email to your registered email address
• Displaying a notice within the Services

Changes to these Terms will be effective 14 days after we provide notice. Your continued use of the Services after the effective date constitutes acceptance of the modified Terms.

If you do not agree to the modified Terms, you must stop using the Services and may terminate your Account.

18. Dispute Resolution

18.1 Informal Resolution

If a dispute arises between you and Stage0, we encourage you to contact us first to seek an informal resolution. We will work in good faith to resolve disputes amicably.

18.2 Mediation

If informal resolution is unsuccessful, both parties agree to attempt to resolve the dispute through mediation before pursuing litigation. The mediation will be conducted in accordance with the Australian Disputes Centre (ADC) Mediation Guidelines.

18.3 Costs

Each party will bear its own costs of any dispute resolution process, except that mediation costs will be shared equally unless otherwise agreed or ordered.

19. Governing Law and Jurisdiction

These Terms are governed by the laws of New South Wales, Australia. Both parties submit to the exclusive jurisdiction of the courts of New South Wales for any legal proceedings arising from or relating to these Terms or the Services.

Nothing in this section limits any rights you may have under the Australian Consumer Law or other mandatory consumer protection laws.

20. Miscellaneous

20.1 Entire Agreement

These Terms, together with our Privacy Policy, constitute the entire agreement between you and Stage0 regarding the Services and supersede all prior agreements and understandings.

20.2 Severability

If any provision of these Terms is found to be invalid or unenforceable, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

20.3 Waiver

Our failure to enforce any right or provision of these Terms will not constitute a waiver of such right or provision. Any waiver must be in writing and signed by an authorized representative of Stage0.

20.4 Assignment

You may not assign or transfer these Terms or your Account without our prior written consent. We may assign or transfer these Terms without restriction. Any attempted assignment in violation of this section is void.

20.5 No Agency

Nothing in these Terms creates a partnership, joint venture, employment, or agency relationship between you and Stage0.

20.6 Force Majeure

We will not be liable for any failure or delay in performance due to circumstances beyond our reasonable control, including acts of God, natural disasters, war, terrorism, pandemics, labor disputes, or disruptions to third-party services.

20.7 Notices

We may provide notices to you via email to your registered email address or by posting notices within the Services. Notices will be deemed given 24 hours after sending (for email) or posting (for in-app notices).

20.8 Export Controls

You agree to comply with all applicable export and import laws and regulations. You will not use the Services in any country or jurisdiction where such use would violate applicable laws.

21. Contact Information

If you have any questions about these Terms or need to contact us regarding the Services, please reach out: